An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://hackerone.com/reports/355458 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2018-07-20T22:00:00Z
Updated: 2024-09-16T17:03:15.839Z
Reserved: 2017-12-28T00:00:00
Link: CVE-2018-3771
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-07-20T22:29:00.287
Modified: 2024-11-21T04:06:02.680
Link: CVE-2018-3771
Redhat
No data.